As of July 2020, Microsoft Windows 7 still controls around 20% of total desktop operating systems worldwide.

A couple of reasons why you don’t want to still be using Microsoft Windows 7:

• It’s no longer receiving security updates as Microsoft ended mainstream support for the product in January 2020. That means its existing vulnerabilities are forever; aggressors will be able to exploit those problems forever.
  

• Consequently, the US FBI issued a warning on August 3, 2020 about continuing to use the legacy operating system, as has the UK’s National Cyber Security Centre has directly warned users not to use Windows 7 for commercial activities like email or banking.
  

• If the appeal-to-authority doesn’t work for you, how about money? IBM recently reported that the average cost of a data breach in the United States is $3.86 million.
  

• And, yeah, cyber security insurance. You think you’re covered. It’s not like your cyber security policy is going to cover you if you’re running a known-bad o/s. That’s just raw negligence, kids.

Now, you have options.

• Like Mac’s? After January 2021, Apple will be transitioning to ARM microprocessors. Lots of techie stuff here but the bottom line is that Macs are soon going to get hundreds of dollars cheaper. Cool! Upgrades!
  

• But if don’t have a cool $1k to drop on a new machine, and if you’re married to the Google Cloud Ecosystem, there’s never been a better time to update to a Chromebook or a Chromebox. There’s a lot of great boxes out there, some priced at a 1/3rd of the cost of a comparable Microsoft Windows 10 computer. They boot in eight seconds, they’re encrypted, they receive automatic updates that don’t break them, they are significantly more secure than Windows will ever be … why not?
  

• Okay, so maybe Google ain’t your thing. If you have an older machine still running Windows 7, and you’re comfortable with the machine’s overall performance and still want to use it, and you’re mostly using a web browser to access online services, consider installing Linux. I’d recommend Ubuntu or its cousin, Zorin. They’re more secure than Windows, won’t break your system, and will make the older machines run like they were new.
  

• If you’re still using Microsoft Word and Excel? Are you dependent on some 3rd party application that has to run on Windows? You could upgrade your Windows 7 machine to Windows 10, sure, it’s only a $100. That’s a lot cheaper than $3.86 million. But watch the performance hit. You’d probably be better off just replacing the asset.

Here’s the thing: continuing to use an obsolete product is only making you more vulnerable, and, more of a target to aggressors who look at you and your data as an easy target. There’s no reason why you’d rationally want to be an easier target for hackers. Take action today to replace that old machine. Do something!

R

So a little while ago, I wrote about the risks that remote workers face while working from home.

A recent study of home routers does well to illustrate these vulnerabilities.

In a study entitled Home Router Security Report 2020 conducted by FKIE, it was found that 43/127 commercial routers hadn’t received security updates in the last year from the original equipment manufacturer (OEM), despite the fact that these devices are affected by hundreds of known vulnerabilities. In the worst cases, the devices hadn’t bee updated by the OEM in more than five years.

Over ninety percent of the evaluated routers run versions of the Linux operating system. Yet, the updates provided to the routers fall far behind the standards we’d expect for desktop or server machines running the same operating systems. These vendors could distribute security patches and updates several times a year, but often they do not.

FKIE’s study only complements a 2018 study conducted by American Consumer Institute demonstrating that 83-percent of sampled routers were found to have an average of 186 vulnerabilities to potential attacks in the router’s firmware.

Such evidence suggests:

1. Home router manufacturers aren’t preparing firmware updates in a timely fashion;

2. Users are not applying available updates in a timely fashion, or, may not understand how.

This is a severe problem, especially in the age of COVID as many millions of workers are conducting important commercial business on the backs of outdated router firmware with known bugs.

But you can do better. Hiring a computer consultant to investigate your router, update its firmware, or replace the router, can secure your small business. It’s a practical step in deterring potential aggressors and in safeguarding your information assets. Just ask us how it’s done.

R

The COVID-19 pandemic has forced millions to work from home.

In the tech industry, we call home computers and home networks unmanaged endpoints - unmanaged because we don’t control those devices and we have no idea how they’re configured.

There’s a whole bunch of risk that comes with unmanaged endpoints:

1. The operating system of home computers are often neglected. They could be lesser versions of Microsoft Windows or MacOS and haven’t received critical updates or patches.

2. The software or settings that we introduce into corporate environments to safeguard our computers aren’t implemented with unmanaged endpoints.

3. Disaster recovery options on unmanaged endpoints is challenging because data may be stored on the local hard drive of these machines. There may not be any data backups.

4. Privacy and confidentiality of corporate data may also be at risk because, again, such data is stored on an unmanaged hard drive. Who knows if the local admin password on the PC is set to a reasonable level as to disallow root-level access.

5. The use case of home machines are very different from business machines. There’s likely to be more risky behaviors (browsing, downloading, installing by end users) associated with these endpoints taken on by teenagers and children.

6. The networking equipment - like the home router and wifi access point - likely hasn’t been patched, updated, or even its root password rotated from its default setting.

And all of this spells big trouble for the small business.

The challenge is to transform these unmanaged assets into managed ones, and, to inspect the networking environment for potential risks and, well, you know … do something about it!

We help small business use technology better. That includes three critical solutions to help protect small business while distance-working.

1. Ongoing Endpoint Monitoring and Protection.

2. Online Backups.

3. Remote Support.

Our Endpoint Monitoring and Protection software reports vulnerabilities back to us so we can take corrective action. It turns an unmanaged endpoint into a managed one. It helps identify areas where the operating system may be vulnerable, or, when somebody installs a risky program. It also includes an antivirus, anti-malware, safe browsing, and intrusion protection system that counters typical threats to a user’s machine.

Our Online Backup solution is all about recovering the company’s data in addition to the user’s data while they’re using their own PC for company business. In the event of failure or if their machine is hit by a ransomware, we can recover the user’s data to a restored machine.

Our Remote Support is part of what we offer. It’s a human eye to look at the user’s network and can make recommendations to improve their security posture. We can red-flag issues that are unmitigated risks so that they can be dealt with; otherwise, we can help safeguard the remote employee with a few simple changes. And of course, if the user gets in a jam with their tech, we’re there to help so they can get back to work.

In all, our approach is to mitigate risk to the small business and to the employee by taking preventative measures. Instead of just reacting to failure - hoping that everything is okay with an unmanaged asset - we help our clients move beyond hope. We help small businesses have confidence in their ability to function and serve their customers.

That’s how we add value.

R